Rewrite variables

A rewrite variable is an object that stores a dynamic value like a entry path of an request or a session id. Rewrite variables are represented as strings in the format %<variable name>% or %<variable name>[argument]%. They are, for example, useful to define generic rewrite rules that are independent of the selected mapping, virtual host, or back-end group.

Rewrite variables are available in the following areas. For variable specific exceptions see table list of rewrite variables.

Pattern and substitution fields in:

  • Request Actions
  • Response Actions
  • URL Encryption
  • CSRF Tokens
  • Deny Rules
  • Allow Rules

Redirect locations fields:

  • Denied access URL
  • URL Encryption - Invalid URL redirect location
  • CSRF Tokens - Invalid token redirect location

List of rewrite variables

Variable name

Description

Not available in

%ENTRYPROTOCOL%

current request protocol from the client, http or https

Redirect locations

%ENTRYHOST%

entry host of the current mapping, without port

Redirect locations

%ENTRYPORT%

entry host port number of the current mapping

Redirect locations

%ENTRYDIR%

entry path of the current mapping trimmed of trailing slashes, empty for root entry path

Mapping with regex entry path

%ENTRYPATH%

same as %ENTRYDIR% but also trimmed of leading slashes

Mapping with regex entry path

%BACKENDDIR%

back-end path of the current mapping trimmed of trailing slashes, empty for root back-end path

Mapping with regex entry path

%BACKENDPATH%

same as %BACKENDDIR% but also trimmed of leading slashes

Mapping with regex entry path

%ENTRYDIR[<mapping>]%

same as %ENTRYDIR% of mapping with name "<mapping>" *

%ENTRYPATH[<mapping>]%

same as %ENTRYPATH% of mapping with name "<mapping>" *

%BACKENDDIR[<mapping>]%

same as %BACKENDDIR% of mapping with name "<mapping>" *

%BACKENDPATH[<mapping>]%

same as %BACKENDPATH% of mapping with name "<mapping>" *

%BACKENDPROTOCOL%

back-end protocol, http or https

Redirect locations

%BACKENDHOSTNAME%

back-end host for this request, dynamically set based on current load balancing back-end host, without port

Redirect locations

%BACKENDPORT%

port number of back-end host - see above

Redirect locations

%BACKENDHOST%

combined value of back-end host and port; omitting default ports: 80, 443

Redirect locations

%VHCOOKIEDOMAIN%

the cookie domain configured in the virtual host

Redirect locations

%REQUESTID%

current request id

Patterns,
Redirect locations

%SESSIONID%

current session id; "<n/a>" if no session is available

Patterns,
Redirect locations

%SESSIONTIMINGINFO%

In seconds:
{remaining session idle timeout}:{remaining session lifetime}

Patterns,
Redirect locations

%AUDITTOKEN%

current audit token

Patterns,
Redirect locations

%REMOTEADDR%

current IP address of client

Patterns,
Redirect locations

%ROLES%

In seconds:
{role1 name}:{remaining role1 idle timeout}:{remaining role1 lifetime},{role2 name}:{remaining role2 idle timeout}:{remaining role2 lifetime},...

Patterns,
Redirect locations

%ENTRYADDR%

IP address of current entry host

Patterns,
Redirect locations

* The referenced mapping must not use a regular expression as entry path.

Example

Incoming URL:
https://example.com/webmail/inbox/index.html

Configured value

Variable value

Entry protocol is: https

%ENTRYPROTOCOL%: https

Entry host is: example.com

%ENTRYHOST%: example.com

Entry host port is: 443

%ENTRYPORT%: 443

Entry path is: /webmail/inbox/

%ENTRYDIR%: /webmail/inbox

%ENTRYPATH%: webmail/inbox

Back-end protocol is: http

%BACKENDPROTOCOL%: http

Back-end host name is: mserv.net.local

%BACKENDHOSTNAME%: mserv.net.local

Back-end host port is: 8080

%BACKENDPORT%: 8080

 

%BACKENDHOST%: mserv.net.local:8080

Back-end path is: /mailapplication/inbox/

%BACKENDDIR%: /mailapplication/inbox

%BACKENDPATH%: mailapplication/inbox

Incoming URL

https://example.com/webmail/inbox/index.html

Rewrite from

%ENTRYPROTOCOL%://%ENTRYHOST%%ENTRYDIR%(/.*)?

Rewrite to

%BACKENDPROTOCOL%://%BACKENDHOST%%BACKENDDIR%$1

Back-end URL results in

http://mserv.net.local:8080/mailapplication/inbox/index.html

Literal mode

All variables are treated as literal values - characters do not have any special regular expression significance. This means, that the variable value 'www.example.com' just matches www.example.com and not www-example/com nor wwwXexampleYcom.

Technically this is achieved by internally surrounding all variables by an extra \Q .. \E span.